WP Photo Album Plus is vulnerable to SQL injection due to insufficient sanitization of user-supplied input. An attacker can exploit this vulnerability by sending a specially crafted HTTP request with malicious SQL statements to the vulnerable application. This can allow the attacker to gain access to sensitive information from the database, modify data, or execute arbitrary system commands.
A maliciously crafted .zap file can cause a denial of service when opened with bzap.exe. The file contains a header of 'BZAP200BK' followed by 20 'A' characters.
Byoungyoung Lee developed an exploit for Windows 7 32-bit, fully patched until Aug 2011, which could allow a denial of service attack. The exploit uses a combination of a long filename and a short filename to cause a kernel panic. The exploit is available at http://exploitshop.wordpress.com/2011/09/07/ms11-064-vulnerabilities-in-tcpip-stack-could-allow-denial-of-service-2563894/
A SQL injection vulnerability exists in WordPress Contact Form plugin version 2.7.5 and earlier. An attacker can send a specially crafted POST request to the vulnerable application to exploit this vulnerability. The vulnerable code is located in the easy-form.class.php file, where the application does not properly sanitize user-supplied input before using it in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
Byoungyoung Lee and his team at Georgia Tech have discovered a vulnerability in Windows kernel-mode drivers that could allow remote code execution. The vulnerability is caused by a buffer overrun in the .fon file format handler. By sending a specially crafted .fon file to a vulnerable system, an attacker could execute arbitrary code in the context of the kernel.
The Full Daytona Package is a collection of three JBoss Application Server remote exploits with authentication bypass, ported from Metasploit and beefed up with two scanners: PNSCAN with SSL support and SYNSCAN modded. The remote exploits are best used with daytona_bsh.pl, while the SSL support is provided for the remote exploits with daytona_bsh_ssl.pl, daytona_deployfile_ssl.pl, and daytona_maindeploy_ssl.pl. The SYNSCAN is modded for scanning JBoss (X-Powered-By TAG) on port 8080 only, while the original Parallel Network Scanner (PNSCAN) is modded to support SSL. Usage: ./pnscan -r JBoss -w "HEAD / HTTP/1.0" 10.10.0.0/16 443.
This module exploits a vulnerability found in Mozilla Firefox 3.6. When an array object is configured with a large length value, the reduceRight() method may cause an invalid index to be used, allowing arbitrary remote code execution. Please note that the exploit requires a longer amount of time (compared to a typical browser exploit) in order to gain control of the machine.
This module exploits a function pointer control within SVUIGrd.ocx of PcVue 10.0. By setting a dword value for SaveObject() or LoadObject(), an attacker can overwrite a function pointer and execute arbitrary code.
MyBB MyStatus 3.1 is vulnerable to SQL injection. An attacker can exploit this vulnerability by sending a crafted HTTP request to the process-mystatus.php script with the action parameter set to delete and the statid parameter set to a malicious SQLi payload.
A SQL injection vulnerability exists in the WordPress wpsf-js plugin version 3.2.1. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP GET request to the vulnerable server. This can allow the attacker to execute arbitrary SQL commands on the underlying database.